Gitblit devel
blame | history | patch | commit | commitdiff | ignore whitespace
Laurens Vrijnsen
2013-03-22 a2ce62e1f360e9cdb2221cfa3b091c02bda857eb 
 src/com/gitblit/wicket/AuthorizationStrategy.java


@@ -15,14 +15,21 @@


 */



package com.gitblit.wicket;







import java.io.IOException;







import javax.servlet.http.HttpServletResponse;







import org.apache.wicket.Component;



import org.apache.wicket.RestartResponseAtInterceptPageException;



import org.apache.wicket.RestartResponseException;



import org.apache.wicket.authorization.IUnauthorizedComponentInstantiationListener;



import org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy;



import org.apache.wicket.protocol.http.WebResponse;



import org.apache.wicket.protocol.http.servlet.AbortWithWebErrorCodeException;







import com.gitblit.GitBlit;



import com.gitblit.Keys;



import com.gitblit.wicket.models.UserModel;



import com.gitblit.models.UserModel;



import com.gitblit.wicket.pages.BasePage;



import com.gitblit.wicket.pages.RepositoriesPage;







public class AuthorizationStrategy extends AbstractPageAuthorizationStrategy implements



@@ -34,6 +41,12 @@


   @SuppressWarnings({ "unchecked", "rawtypes" })



   @Override



   protected boolean isPageAuthorized(Class pageClass) {



      if (RepositoriesPage.class.equals(pageClass)) {



         // allow all requests to get to the RepositoriesPage with its inline



         // authentication form



         return true;



      }







      if (BasePage.class.isAssignableFrom(pageClass)) {



         boolean authenticateView = GitBlit.getBoolean(Keys.web.authenticateViewPages, true);



         boolean authenticateAdmin = GitBlit.getBoolean(Keys.web.authenticateAdminPages, true);



@@ -42,17 +55,18 @@


         GitBlitWebSession session = GitBlitWebSession.get();



         if (authenticateView && !session.isLoggedIn()) {



            // authentication required



            session.cacheRequest(pageClass);



            return false;



         }







         UserModel user = session.getUser();



         if (pageClass.isAnnotationPresent(AdminPage.class)) {



         if (pageClass.isAnnotationPresent(RequiresAdminRole.class)) {



            // admin page



            if (allowAdmin) {



               if (authenticateAdmin) {



                  // authenticate admin



                  if (user != null) {



                     return user.canAdmin;



                     return user.canAdmin();



                  }



                  return false;



               } else {



@@ -70,13 +84,17 @@






   @Override



   public void onUnauthorizedInstantiation(Component component) {



		


      if (component instanceof BasePage) {



         GitBlitWebSession session = GitBlitWebSession.get();



         if (!session.isLoggedIn()) {



            throw new RestartResponseAtInterceptPageException(LoginPage.class);



         } else {



            throw new RestartResponseAtInterceptPageException(RepositoriesPage.class);



         }



         throw new RestartResponseException(RepositoriesPage.class);



      }



      /*** DISABLED CODE ***



      if (component instanceof BasePage) {



         HttpServletResponse response = ((WebResponse)component.getResponse()).getHttpServletResponse();



         response.setHeader("WWW-Authenticate", "Basic realm=test");



         throw new AbortWithWebErrorCodeException(HttpServletResponse.SC_UNAUTHORIZED);



			


      } 


      *** END DISABLED ***/



   }



}